Web Application Worms
Today, most companies recognize that network security is an integral aspect of daily operations, but few realizes how quickly new methods of Internet attacks are being invented by hackers. While organizations rushes to develop their security policies and implement even a basic security foundation, the professional hacker continues to find new ways to attack by modifying old Internet worms, Trojans, and viruses, or creating completely new ones. Just recently, the attention of these hackers has focused on to Internet attacks targeted at the application layer, which can include either shrink-wrapped or custom applications. Because this layer is commonly the least protected layer of an organization’s network. Considering the nature of Web applications that allow access to internal and external audiences, these Internet attacks can pose a serious threat to an organization’s back-end data without the organization’s knowledge. Content is continually being changed on a frequent basis in order to keep up with the demand of new features and functionality. Even the simplest changes could become vulnerable that may pose a major threat to corporate assets and confidential information, which includes customers’ identities, that is when a Web application attack is launched. The list of Internet attacks used today to target Web applications is growing, and they are; Internet worms, SQL injection to Google hacking, organizations are learning the hard way about the result from Internet attacks at the Web application layer. Now, companies no longer needs to be an easy target to hackers to fall victim to Internet attacks because exploitation is as easy as turning up in a search result.
(Source:SecurityPark)
Posted on April 30th, 2008 by Star
Filed under: General, Security